Forum Sentry API Security Gateway

Combines Identity, Security, and Integration features for Cloud, Mobile, and B2B communications

Enterprise application architectures are complex, comprising components in the data center, the cloud, mobile devices, and 3rd party partners. In today’s modern architectures API’s have become the primary channel for business transactions, enabling a business-aware abstraction layer for improved agility, and centralized control of identity, security, and monitoring.

The Forum Sentry API gateway enables code-free, point-and-click building of APIs to integrate legacy and modern systems, connect cloud and mobile technologies, and extend business applications and services securely beyond the enterprise border.

With over 15 years of industry-leading innovation under the hood, Forum Sentry is an essential part of modern architecture design and cyber-security protection of assets and information that enable enterprises to build and manage complex APIs centrally and in a highly secure manner. The Forum Sentry API Security Gateway converges 3 key functions of technology – identity, security, and integration with key capabilities such as:

Integrates a broad spectrum of client-side and server-side technologies seamlessly with no coding required

Supports all cloud and mobile messaging and protocol standards.

Recognized by KuppingerCole as the Only API Management Vendor “with a Primary Focus on Security” and an overall leader in both product and leadership categories in their Leadership Compass: API Security Management. Forum Sentry has been adopted by enterprises worldwide in processing over 10 billion transactions per day in the most complex real-time environments that exist.

Purpose-built to optimize and simplify your architecture with no-code product features that rapidly enable secure integration among legacy and modern system components both on-premise and in the cloud. Minimal impact on clients and back-end services allow for modernization without the burden of hand-coding integration.

Proven Success

Forum Sentry maintains a 100% deployment success rate for 15 years with U.S. federal agencies, foreign governments and global enterprises, with secure integration across channels, applications and infrastructure.

World Class Product Support

Ranging from an Amazon-hosted cloud training academy to in-house experts providing best practices, recommendations, and deployment assistance, Forum Systems stands by it’s technology like no other.

WHITE PAPER

TECHNICAL SPEC

Data moving between your company and the your partners, customers and cloud providers must be protected with military-grade security. As your enterprise increases its integration, the attack surface area increases along with the risk of corporate data leaks. Using Forum Sentry, your corporation can protect against emerging threats, deploy world-class data privacy, enforce data integrity, and ensure that every corporate transaction is accounted for.

Threat Mitigation

XML Firewall

Web App Firewall

Rate-Based Rules

Size-Based Rules

Embedded AV Engine

Pattern Recognition

Intrusion Detection Prevention (IDP)

Data Leakage Prevention (DLP)

Transaction Privacy

XML Encryption

WS-Security Encryption

Symmetric Encryption

SSLv3

TLS

RSA

DSA

ECC

Transaction Integrity

XML Signatures

WS-Security Signatures

DSIG Verification

X.509 Authentication

XSD Schema Validation

XSD Tightening

JSON Validation

Timestamp Validation

HTML Form Validation

PKI

X509

PKCS #1,7,8,12

OpenPGP

SSH

Key Import

Key Generation

CSR, Self-Sign

CRL, OCSP, XKMS, CDP

HSM Security World

OID Extraction

You have to know who you do business with and the extent of information that you are willing to provide to your partners and customers. As a successful company, the number of partners that transact with you continues to increase. Forum Sentry provides a flexible identity platform that lets your corporation rapidly utilize a variety of identity tokens. From social media and cloud-based OAuth tokens to hardened 2-Factor Authentication, Forum Sentry enables code free authentication, authorization, and access control capabilities for rapidly enabling secure data exchange.

Message-Based Tokens

WS-Username

WS-Kerberos

WS-SAML

WS-X509

SAML

DSIG

Protocol-Based Credentials

HTTP Basic

HTTP Digest

HTTP Form Post

HTTP Cookie

SSL X.509 Client Auth

REST URI

OAUTH

Access Control

Central Authorization

XACML

Database

IdP and SP-Initiated schemes

Native Identity Adapters

Intelligent Caching

Patented Cryptographic Acceleration

Federation

Cookie Consumption

Cookie Generation

Cookie Tracking

IdP and SP-Initiated SSO Schemes

WS-Federation

SAML

STS

Credential Persistence

Forum Sentry API Gateway is designed to securely integrate clients and services, both modern and legacy, with comprehensive standards built in for optimal interoperability. Leveraging over 14 years in the industry, the Forum Sentry API Gateway inspects and analyzes transaction attributes in the request and response to enable policy-based enforcement. These attributes include: HTTP methods, protocol headers, message data, X.509, IdM attributes, and other dynamic attributes. This enables contextual decisions to be based on HTTP methods such as POST and GET, as well as contextual methods such as URIs, message data content, and any other attribute source. The integration features also enable API-based message enrichment where workflows, data transformation, and APIs can be extended via scripting and service aggregation capabilities.

Standards

XML, SOAP

HTML, JSON

AS2, ebXML

SAML, WS-Federation

XML-Sec, WS-Sec

WSDL, XSD

WS-Trust, XACML

WS-Addressing

WS-Reliable Messaging

WS-Policy, UDDI

XPath

XSLT

Data Mapping

SOAP-to-REST Conversion

Attribute Mapping

Protocol and Message Mapping

Identity Token Conversion

Data Aggregation

Node Encoding and Conversion

Transformation

Header, Body & Attribute Identification

X.509 Attribute Mapping

Database Mapping

IdM Mapping (LDAP, AD, etc.)

API & SOA Data Repository Integration

URI Mapping

Protocols

HTTP, HTTPS

SSL / TLS

IBM MQ

Tibco EMS

JBOSS JMS

Oracle JMS

Sun JMS

Active MQ, Rabbit MQ

Solace JMS

AMQP

FTP, FTPS, SFTP

SMTP

Monitoring

Forum Sentry provides you with granular, real-time and accurate view into your corporations transactions with your customers and partners. With extensive logging, reporting and SLA enforcement capabilities, Forum Sentry can control traffic pattern between your application, cloud providers and users. With extensive throttling and alerting capabilities, Forum Sentry ensures that you are in direct and immediate control of your API traffic.

Actions

API Traffic Reporting

Rates and Size Statistics

Latency and Throughput

Message Throttling and Shaping

Threshold Alerts

Enforcement time windows

Logging

SYSLOG UDP/TCP/SSL

SNMP v3

JMX

SOAP Logging

Database Logging

Customized logging

Transaction Accountability

Archiving

Logging

Reporting

Monitoring

SNMP

JMX

Custom SOAP Alerts

Repositories

MySQL

IBM DB2

Oracle Database

Microsoft SQL Server

HP-OpenView

CheckPoint ELA

Hardware

1-U Hardened Appliance

FIPS 140-2 Level II Chassis

FIPS 140-2 Level III HSM Cryptographic Acceleration

Dual Power Supply

Integrated Flash

Unlimited Cloud Capacity

3 x Gigabit Ethernet (optional 10-Gigabit)

&nbsp

Virtual Appliance

Fully encapsulated virtualized rendition of hardware system in a deployable OVA VMware system